AMENDMENTS TO THE CLAIMS 

(original) A method for computing a group shared secret key at a first node of a 
network for use in a public key process and using less than n * (n-1) messages, where 
"n" is a number of nodes in a broadcast or multicast group of the network, the method 
comprising the computer-implemented steps of: 

generating an intermediate shared secret key by issuing communications to a second 

node of the network; 
sending a first private value associated with the first node to the second node, and 

receiving fi-om the second node a second private value associated with the 

second node using the intermediate shared secret key; 
generating and communicating a collective public key that is based upon the first 

private value and the second private value to a third node of the network; 
receiving an individual public key fi-om the third node; and 

computing and storing the group shared secret key based upon the individual public 
key. 

(original) The method as recited in Claim 1, fiirther comprising: 

joining the first node to an initial multicast group in response to generating the 

intermediate shared secret key; and 
joining a second node to a new multicast group that subsumes the initial multicast 

group after receiving the individual public key. 

(original) The method as recited in Claim 1, wherein the pubhc-key process is Diffie- 
Hellman key exchange. 



1 4. (original) The method as recited in Claim 1 , wherein the step of communicating the 

2 collective public key further comprises determining whether the first node or the 

3 second node transfers the collective public key based upon an order of entry of such 

4 nodes into a multicast group. 

1 5. (original) The method as recited in Claim 1 , wherein the step of communicating the 

2 collective public key further comprises determining whether the first node or the 

3 second node transfers the collective public key based upon a predetermined metric. 

1 6. (original) The method as recited in Claim 1 , wherein sending the first private value 

2 and receiving the second private value further comprises computing the first private 

3 value as a random integer and receiving a second random integer as the second 

4 private value. 

1 7. (original) The method as recited in Claim 1, further comprising creating and storing 

2 information at the first node that associates the first node, the second node, and the 

3 third node as a multicast group communicating over a packet switched network. 

1 8. (currently amended) The method as recited in Claim 1, wherein the steps of 

2 generating, sending, communicating, and receiving further comprise communicating 

3 approximat e ly no more than 2 n + 2(n-l) total messages. 

1 9. (original) The method as recited in Claim 1, wherein the step of communicating the 

2 collective public key comprises storing the collective public key and receiving the 

3 collective public key using a key distribution center. 

1 10. (currently amended) The method as recited in Claim 1, further comprising the step of 

2 establishing a cryptographic conmiunication session between the first node and the 



4 



3 . second node, vvh e reb v wherein secure communications are established between the 

4 first and the second node using public key exchange and only approximat e l v no more 

5 than 2n + 2(n- 1 ) total messages. 

1 11. (original) A method as recited in Claim 1, wherein generating the shared secret key 

2 value comprises computing and storing the shared secret key value "k" at the first 

3 node according to the relation 

4 k = C'^ mod (q) = p'^' mod (q) 

5 wherein C, a, b, c, q, and p are values stored in a memory, and wherein C is the 

6 individual public key, a is the private value of the first node, b is the private 

7 value of the second node, c is a third private value of the third node, p is a 

8 base value, and q is a prime number value. 

1 12. (currently amended) A method for exchanging cryptographic keys among a plurahty 

2 of nodes in a multicast or broadcast group, where "n'' is a number of nodes in the 

3 multicast or broadcast group, the method comprising the computer-implemented steps 

4 of 

5 (a) computing and storing a first shared secret key at a first node; 

6 (b) transmitting a first message, encrypted using the first shared secret key, to a 

7 second node; 

8 (c) receiving a second message, encrypted using the first shared secret key, firom the 

9 second node; 

10 (d) computing and storing a first public key based upon the first and second 

1 1 messages; 

12 (e) transmitting the first public key to a third node; 

13 (f) receiving a second public key firom the third node; 
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14 (g) computing a second shared secret key based upon the second public key, the first 

1 5 message, and the second message; 

16 (h) iteratively performing steps of (e) through (g) until the nodes reach a group 

17 shared secret key for use in cryptographic communication among the of 

1 8 nodes, and using less than n * (n-1) total messages; 

19 wher e b v wherein the first node and second node independently come to a shared 

20 secret key value. 

1 13. (original) The method as recited in Claim 12, further comprising: 

2 joining the first node to an initial multicast group in response to generating the first 

3 public key; and 

4 joining the first node to a new multicast group that subsumes the initial multicast 

5 group after receiving the second public key. 

1 14. (original) The method as recited in Claim 12, wherein the step of transmitting the first 

2 public key further comprises determining whether the first node or the second node 

3 transfers the first public key based upon an order of entry of such nodes into a 

4 multicast group. 

1 15. (original) The method as recited in Claim 12, further comprising creating and storing 

2 information at the first node that associates the first node, the second node, and the 

3 third node as a multicast group communicating over a packet switched network. 

1 16. (currently amended) The method as recited in Claim 12, wherein step (h) comprises 

2 the step of: 

3 (h) iteratively performing steps of (e) through (g) until the nodes reach a group 

4 shared secret key for use in cryptographic communication among the of 

5 nodes, and using approximat e ly n o more than 2n + 2(n«l) total messages. 
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1 17. (original) The method as recited in Claim 12, further comprising communicating with 

2 a key distribution center to obtain public keys for use in arriving at a shared secret 

3 value. 

1 18. (currently amended) The method as recited in Claim 12, further comprising the step 

2 of establishing a cryptographic communication session between the nodes, 

3 whereb y wherein secure communications are established between the nodes using 

4 public key exchange and only approximat e i yn o more than 2n + 2(n-l) total messages. 

1 19. (original) A method as recited in Claim 12, wherein generating the shared secret key 

2 value comprises computing and storing the first shared secret key value "k" at the 

3 first node according to the relation 

4 k - C'^ mod (q) = p^^ mod (q) 

5 wherein C, a, b, c, q, and p are values stored in a memory, and wherein C is the 

6 individual public key, a is the private value of the first node, b is the private 

7 value of the second node, c is a third private value of the third node, p is a 

8 base value, and q is a prime number value. 

1 20. (original) A computer-readable medium carrying one or more sequences of one or 

2 more instructions for computing a group shared secret key at a first node of a network 

3 for use in a public key process and using less than n * (n-1) messages, where "n" is a 

4 number of nodes in a broadcast or multicast group of the network, and which 

5 instructions, when executed by one or more processors, cause the one or more 

6 processors to perform the steps of: 

7 generating an intermediate shared secret key by issuing communications to a second 

8 node of the network; 



7 



9 sending a first private value associated with the first node to the second node, and 

1 0 receiving fi^om the second node a second private value associated with the 

1 1 second node using the intermediate shared secret key; 

12 generating and communicating a collective public key that is based upon the first 

13 private value and the second private value to a third node of the network; 

14 receiving an individual public key fi-om the third node; and 

15 computing and storing the group shared secret key based upon the individual pubhc 

16 key. 

1 21. (original) The computer-readable medium recited in Claim 20, wherein the 

2 instructions fiirther cause the one or more processors to carry out the steps of: 

3 joining the first node to an initial multicast group in response to generating the 

4 intermediate shared secret key; and 

5 joining the first node to a new multicast group that subsumes the initial muhicast 

6 group after receiving the individual public key. 

1 22. (original) The computer-readable medium as recited in Claim 20, wherein the public- 

2 key process is Diffie-Hellman key exchange. 

1 23. (original) The computer-readable mediimi as recited in Claim 20, wherein the 

2 instructions for communicating the collective public key further comprise instructions 

3 for determining whether the first node or the second node transfers the collective 

4 public key based upon an order of entry of such nodes into a multicast group. 

1 24. (original) The computer-readable medium as recited in Claim 20, wherein the 

2 instructions for communicating the collective public key further comprise instructions 

3 for determining whether the first node or the second node transfers the collective 

4 public key based upon a predetermined metric. 
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1 25. (original) The computer-readable medium as recited in Claim 20, wherein the 

2 instructions for sending the first private value and receiving the second private value 

3 further comprise instructions for computing the first private value as a random integer 

4 and receiving a second random integer as the second private value. 

1 26. (original) The computer-readable medium as recited in Claim 20, fiirther comprising 

2 instructions for creating and storing information at the first node that associates the 

3 first node, the second node, and the third node as a multicast group communicating 

4 over a packet switched network. 

1 27. (currently amended) The computer-readable medium as recited in Claim 20, wherein 

2 the instructions for generating, sending, communicating, and receiving fiuther 

3 comprise instructions that communicate only approximatel v no more than 2n + 2(n- 1 ) 

4 total messages. 

1 28. (original) The computer-readable medium as recited in Claim 20, wherein the 

2 instructions for communicating the collective public key fiirther comprise instructions 

3 for storing the collective public key and receiving the collective public key using a 

4 key distribution center. 

1 29. (currently amended) The computer-readable medium as recited in Claim 20, fiirther 

2 comprising instructions for establishing a cryptographic communication session 

3 between the first node and the second node, wher e bv w herein secure communications 

4 are established between the first and the second node using pubUc key exchange and 

5 only approximatel vn o more than 2n + 2(n- 1 ) total messages. 

1 30. (original) A computer-readable medium as recited in Claim 20, wherein the 

2 instructions for generating the shared secret key value fiirther comprise instructions 
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for computing and storing the shared secret key value "k" at the first node according 
to the relation 

k = C'^ mod (q) - p'*'" mod (q) 
wherein C, a, b, c, q, and p are values stored in a memory, and wherein C is the 

individual public key, a is the private value of the first node, b is the private 

value of the second node, c is a third private value of the third node, p is a 

base value, and q is a prime number value. 
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